The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill defines templates for SOPs that ingest external data via parameters. This creates a surface for indirect prompt injection.
Ingestion points: Parameters such as {pr_url}, {repository_path}, and {feature_description} in the provided examples (SKILL.md).
Boundary markers: Absent. The templates do not include delimiters or instructions to ignore embedded commands within the parameters.
Capability inventory: The skill is allowed to use Bash, Write, and Edit tools as specified in the frontmatter.
Sanitization: Absent. There are no instructions for validating or sanitizing the input provided to these parameters.

sop-authoring